<?php
/*
+--------------------------------------------------------------------------
|   AffiliStore 2
|   ========================================
|   Web: http://www.affilistore.com
|   Email: admin (at) affilistore (dot) com
|	License Type: AffiliStore 2 is NOT open source software and limitations apply 
|   Licence Info: Visit AffiliStore website and click on 'Licence'
+--------------------------------------------------------------------------
*/
// checks to see if password session is set
// if not redirects to ../admin/
if($_SESSION['loggedIn'] == 0 && !isset($adminPage)){
include('auth.inc.php');
}


if (isset($_POST['wd_updated'])) {
	
	// check to see if details have been completed
	if (empty($_POST['wd_title']) || empty($_POST['wd_strap']) || empty($_POST['wd_url'])) {
	$error = 1;

	// else change details
	} else {
	
	// move file to folder on server
	$feedSource = $_FILES['wd_logo']['tmp_name'];
	$feedTarget = "../userfiles/".$_FILES['wd_logo']['name'];
	if ($feedSource != NULL) {
	move_uploaded_file($feedSource, $feedTarget) or die ("couldn't copy");
	
	$sql = sprintf("UPDATE affiliSt_config SET value = %s WHERE name = 'adLogo'",
			quote_smart($installDir['value'].'userfiles/'.$_FILES['wd_logo']['name']));
	mysql_query($sql, $databaseConnect) or die(mysql_error());
	}
	
	$sql = sprintf("UPDATE affiliSt_config SET value = %s WHERE name = 'adWebTitle'",
			quote_smart($_POST['wd_title']));
	mysql_query($sql, $databaseConnect) or die(mysql_error());
	$sql = sprintf("UPDATE affiliSt_config SET value = %s WHERE name = 'adWebStrap'",
			quote_smart($_POST['wd_strap']));
	mysql_query($sql, $databaseConnect) or die(mysql_error());
	$sql = sprintf("UPDATE affiliSt_config SET value = %s WHERE name = 'adWebURL'",
			quote_smart($_POST['wd_url']));
	mysql_query($sql, $databaseConnect) or die(mysql_error());
	$sql = sprintf("UPDATE affiliSt_config SET value = %s WHERE name = 'adSkinURL'",
			quote_smart($_POST['wd_skin']));
	mysql_query($sql, $databaseConnect) or die(mysql_error());
	$sql = sprintf("UPDATE affiliSt_config SET value = %s WHERE name = 'adLogoAlt'",
			quote_smart($_POST['wd_logoalt']));
	mysql_query($sql, $databaseConnect) or die(mysql_error());
	}
}


$getUserDetails = mysql_query("SELECT * FROM affiliSt_config");
$userDetails = mysql_fetch_assoc($getUserDetails);












?>

<?php
// error report
if ($error == 1) {
echo '<fieldset><strong style="color:red">ERROR: Fields must not be empty</strong></fieldset>';
} else {
	if (isset($_POST['wd_updated'])) {
	echo '<fieldset><strong style="color:green">Website Details Updated</strong></fieldset>';
	}
}
?>



<fieldset>
<legend>Update Your Website Details</legend>
<form enctype="multipart/form-data" action="index.php?ad=wd" method="post" name="updateDetails">

<table cellpadding="4" cellspacing="0" border="0">
<?php do { ?>
<?php if ($userDetails['name'] == 'adWebTitle') { ?>
<tr>
<td>
<label for="wTitle">Website Title:</label>
</td>
<td>
<input name="wd_title" type="text" id="wTitle" class="adminInput" value="<?php echo $userDetails['value'];?>" />
</td>
</tr>
<?php } ?>
<?php if ($userDetails['name'] == 'adWebStrap') { ?>
<tr>
<td>
<label for="wStrapline">Website Description:</label>
</td>
<td>
<input name="wd_strap" type="text" id="wStrapline" class="adminInput" value="<?php echo $userDetails['value'];?>" />
</td>
</tr>
<?php } ?>
<?php if ($userDetails['name'] == 'adWebURL') { ?>
<tr>
<td>
<label for="wAddress">Website Address:</label>
</td>
<td>
<input name="wd_url" type="text" id="wAddress" class="adminInput" value="<?php echo $userDetails['value'];?>" />
</td>
</tr>
<?php } ?>
<?php if ($userDetails['name'] == 'adSkinURL') { ?>
<tr>
<td>
Current Skin:
</td>
<td>
<?php echo $userDetails['value'];?>
</td>
</tr>
<tr>
<td>
<label for="wSkin">Choose Skin:</label>
</td>
<td>
<select name="wd_skin" id="wSkin" class="adminInput">
	<?php if ($handle = opendir('../skins/')) {
   			while (false !== ($file = readdir($handle))) {
       			if ($file != "." && $file != ".." && $file != ".htaccess") {
					if ($file == $userDetails['value']) {
           			echo '<option value="'.$file.'" selected="selected">'.$file.'</option>';
					} else {
           			echo '<option value="'.$file.'">'.$file.'</option>';
					}
       			}
   			}
   	closedir($handle);
	} ?>
</select>
</td>
</tr>
<?php } ?>
<?php if ($userDetails['name'] == 'adLogo') { ?>
<tr>
<td>
<label for="wLogo">Logo:</label>
</td>
<td>
<input type="file" name="wd_logo" id="wLogo" value="<?php echo $userDetails['value'];?>" />
</td>
</tr>
<?php 
$imagefilelocation = $userDetails['value'];
} ?>
<?php if ($userDetails['name'] == 'adLogoAlt') { ?>
<tr>
<td valign="top">
<label for="wLogoAlt">Logo Alt Tag:</label>
</td>
<td>
<input name="wd_logoalt" type="text" id="wLogoAlt" class="adminInput" value="<?php echo $userDetails['value']; ?>" /><br />
<?php
if ($imagefilelocation != NULL) {
echo'<img src="'.$imagefilelocation.'" alt="'.$userDetails['value'].'" />';
}
?>
</td>
</tr>
<?php } ?>
<?php } while ($userDetails = mysql_fetch_assoc($getUserDetails)); ?>
</table>
<input type="hidden" name="wd_updated" value="yes" />
<input value="Update Your Details" type="submit" class="padSubmit" />
</form>
</fieldset>